Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2022:3650-1
HistoryOct 19, 2022 - 12:00 a.m.

Security update for libreoffice (important)

2022-10-1900:00:00
lists.opensuse.org
12
libreoffice
version 7.3.6.2
security update
vulnerabilities
arbitrary script execution
untrusted macros
weak master keys
suse
opensuse
leap 15.4
leap 15.3
linux enterprise workstation extension 15-sp4
linux enterprise workstation extension 15-sp3
linux enterprise module
packagehub subpackages 15-sp4
packagehub subpackages 15-sp3
patch
installation methods

0.002 Low

EPSS

Percentile

61.5%

JSON

An update that fixes three vulnerabilities, contains one
feature is now available.

Description:

This update for libreoffice fixes the following issues:

 Updated to version 7.3.6.2 (jsc#SLE-23447):

 - CVE-2022-3140: Fixed macro URL arbitrary script execution
   (bsc#1203209).
 - CVE-2022-26305: Fixed execution of untrusted Macros due to improper
   certificate validation (bsc#1201868).
 - CVE-2022-26307: Fixed weak Master Keys in password storage
   (bsc#1201872).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-3650=1

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-3650=1

  • SUSE Linux Enterprise Workstation Extension 15-SP4:

    zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3650=1

  • SUSE Linux Enterprise Workstation Extension 15-SP3:

    zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3650=1

  • SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:

    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3650=1

  • SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:

    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3650=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.4aarch64< - openSUSE Leap 15.4 (aarch64 ppc64le x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):.aarch64.rpm
openSUSE Leap15.4ppc64le< - openSUSE Leap 15.4 (aarch64 ppc64le x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):.ppc64le.rpm
openSUSE Leap15.4x86_64< - openSUSE Leap 15.4 (aarch64 ppc64le x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):.x86_64.rpm
openSUSE Leap15.4noarch< - openSUSE Leap 15.4 (noarch):- openSUSE Leap 15.4 (noarch):.noarch.rpm
openSUSE Leap15.3aarch64< - openSUSE Leap 15.3 (aarch64 ppc64le x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):.aarch64.rpm
openSUSE Leap15.3ppc64le< - openSUSE Leap 15.3 (aarch64 ppc64le x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):.ppc64le.rpm
openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (aarch64 ppc64le x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):.x86_64.rpm
openSUSE Leap15.3noarch< - openSUSE Leap 15.3 (noarch):- openSUSE Leap 15.3 (noarch):.noarch.rpm
SUSE Linux Enterprise Workstation Extension 15SP4noarch<  SUSE Linux Enterprise Workstation Extension 15-SP4 (noarch):- SUSE Linux Enterprise Workstation Extension 15-SP4 (noarch):.noarch.rpm
SUSE Linux Enterprise Workstation Extension 15SP4x86_64<  SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):.x86_64.rpm
Rows per page:
1-10 of 181

Related

nessus 26
openvas 13
almalinux 2
rocky 2
osv 8
redhat 2
oraclelinux 2
debian 2
kaspersky 2
ubuntu 2
thn 1
debiancve 3
cve 4
redhatcve 3
cnvd 1
nvd 4
prion 4
alpinelinux 3
veracode 3
ubuntucve 3
cvelist 4
zdi 1
fedora 1
mageia 1
gentoo 1
freebsd 1
nessus
nessus
SUSE SLED15 / SLES15 Security Update : libreoffice (SUSE-SU-2022:3650-1)
2022-10-19 00:00:00
SUSE SLED12 / SLES12 Security Update : libreoffice (SUSE-SU-2022:3602-1)
2022-10-18 00:00:00
Oracle Linux 8 : libreoffice (ELSA-2023-0089)
2023-01-18 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3650-1)
2022-10-19 00:00:00
Debian: Security Advisory (DLA-3368-1)
2023-03-27 00:00:00
Ubuntu: Security Advisory (USN-5661-1)
2022-10-07 00:00:00
almalinux
almalinux
Moderate: libreoffice security update
2023-01-12 00:00:00
Moderate: libreoffice security update
2023-01-23 00:00:00
rocky
rocky
libreoffice security update
2023-01-12 08:25:20
libreoffice security update
2023-01-23 14:29:58
osv
osv
Moderate: libreoffice security update
2023-01-12 08:25:20
Moderate: libreoffice security update
2023-01-23 00:00:00
Moderate: libreoffice security update
2023-01-23 14:29:58
redhat
redhat
(RHSA-2023:0304) Moderate: libreoffice security update
2023-01-23 14:29:58
(RHSA-2023:0089) Moderate: libreoffice security update
2023-01-12 08:25:20
oraclelinux
oraclelinux
libreoffice security update
2023-01-24 00:00:00
libreoffice security update
2023-01-18 00:00:00
debian
debian
[SECURITY] [DLA 3368-1] libreoffice security update
2023-03-26 21:05:00
[SECURITY] [DSA 5252-1] libreoffice security update
2022-10-12 17:35:07
kaspersky
kaspersky
KLA12593 Multiple vulnerabilities in LibreOffice
2022-07-25 00:00:00
KLA20006 RCE vulnerability in LibreOffice
2022-10-11 00:00:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2022-10-06 00:00:00
LibreOffice vulnerabilities
2022-10-20 00:00:00
thn
thn
LibreOffice Releases Software Update to Patch 3 New Vulnerabilities
2022-07-28 06:41:00
debiancve
debiancve
CVE-2022-26307
2022-07-25 15:15:09
CVE-2022-26305
2022-07-25 15:15:09
CVE-2022-3140
2022-10-11 21:15:16
cve
cve
CVE-2022-26307
2022-07-25 15:15:09
CVE-2022-26305
2022-07-25 15:15:09
CVE-2022-3140
2022-10-11 21:15:16
redhatcve
redhatcve
CVE-2022-26305
2022-08-16 09:38:21
CVE-2022-26307
2022-08-16 09:38:25
CVE-2022-3140
2022-10-14 05:29:00
cnvd
cnvd
LibreOffice Trust Management Issue Vulnerability (CNVD-2022-54898)
2022-07-27 00:00:00
nvd
nvd
CVE-2022-26307
2022-07-25 15:15:09
CVE-2022-26305
2022-07-25 15:15:09
CVE-2022-3140
2022-10-11 21:15:16
prion
prion
Design/Logic Flaw
2022-07-25 15:15:00
Input validation
2022-07-25 15:15:00
Design/Logic Flaw
2022-10-11 21:15:00
alpinelinux
alpinelinux
CVE-2022-26307
2022-07-25 15:15:09
CVE-2022-26305
2022-07-25 15:15:09
CVE-2022-3140
2022-10-11 21:15:16
veracode
veracode
Information Disclosure
2022-08-10 11:52:02
Improper Certificate Validation
2022-08-10 11:45:43
Remote Code Execution (RCE)
2022-10-19 01:44:18
ubuntucve
ubuntucve
CVE-2022-26305
2022-07-25 00:00:00
CVE-2022-26307
2022-07-25 00:00:00
CVE-2022-3140
2022-10-11 00:00:00
cvelist
cvelist
CVE-2022-26305 Execution of Untrusted Macros Due to Improper Certificate Validation
2022-07-25 00:00:00
CVE-2022-26307 Weak Master Keys
2022-07-25 00:00:00
CVE-2022-3140 Macro URL arbitrary script execution
2022-10-11 00:00:00
zdi
zdi
LibreOffice Exposed Dangerous Function Remote Code Execution Vulnerability
2022-10-21 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: libreoffice-7.2.7.2-2.fc35
2022-10-23 09:13:01
mageia
mageia
Updated libreoffice packages fix security vulnerability
2022-10-29 02:32:51
gentoo
gentoo
LibreOffice: Arbitrary Code Execution
2022-12-19 00:00:00
freebsd
freebsd
Apache OpenOffice -- master password vulnerabilities
2022-02-25 00:00:00

0.002 Low

EPSS

Percentile

61.5%

JSON
Related for SUSE-SU-2022:3650-1
nessus26openvas13almalinux2rocky2osv8redhat2oraclelinux2debian2kaspersky2ubuntu2thn1debiancve3cve4redhatcve3cnvd1nvd4prion4alpinelinux3veracode3ubuntucve3cvelist4zdi1fedora1mageia1gentoo1freebsd1